Menu
Can't get what I'm doing wrong...
Performed next steps on fresh compute engine instance based on Container Optimized OS:
docker-credential-gcr configure-dockersudo docker run --detach --name=echo --net=esp_net gcr.io/around-dev/firebase-service-image:latestAnd got the following:
Unable to find image 'gcr.io/around-dev/firebase-service-image:latest' locally Pulling repository gcr.io/around-dev/firebase-service-image docker: unauthorized: authentication required. See 'docker run --help'.
Then tried actually to login with docker-credential-gcr gcr-login and run, but still got the same error.
After all my .docker/.config.json looks like:
{
"auths": {},
"credHelpers": {
"asia.gcr.io": "gcr",
"eu.gcr.io": "gcr",
"gcr.io": "gcr",
"staging-k8s.gcr.io": "gcr",
"us.gcr.io": "gcr"
}
Obviously no credentials stored. Can someone explain to me what I'm doing wrong? Thanks in advance.
536
Tag image with registry name This configures the docker push command to push the image to a specific location. The registry name format is: gcr.io/[PROJECT-ID]/[IMAGE] where [PROJECT-ID] is your Google Cloud Platform Console project ID and [IMAGE] is your image's name. You are now ready to push your image to GCR!
You're seeing this error because you ran docker-credential-gcr configure-docker without sudo and then sudo docker run .... When running sudo docker, it looks for the configuration file in /root/.docker/ and doesn't find anything, thus throwing the authentication required error.
sudo docker-credential-gcr configure-docker won't fix itWhen you're running COS, you don't have write access to all directories. Only a few directories are writable and /root isn't one of them. Because of that, running docker-credential-gcr as root fails since it can't write the docker config file inside the $HOME directory (that happens to be /root).
More details on writable directories: https://cloud.google.com/container-optimized-os/docs/concepts/security#filesystem
1 - Override $HOME
sudo HOME=/home/root /usr/bin/docker-credential-gcr configure-docker
sudo HOME=/home/root docker run --detach --name=echo --net=esp_net gcr.io/around-dev/firebase-service-image:latest
2 - Manually specify a config file location
You can also include the path to the docker config directory with each command. For example, if you know docker is configured with credentials in the /home/root/.docker directory, you could run the following command: sudo docker --config /home/root/.docker pull gcr.io/my-project/alpine:3.2
150
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
